build: components opt-in mechanism for packages

CMakeLists.txt

@@ -102,6 +102,11 @@ set(PACKAGE_NAME "falco")
 set(DRIVER_NAME "falco")
 set(DRIVER_DEVICE_NAME "falco")
 set(DRIVERS_REPO "https://download.falco.org/driver")
+
+if(NOT DEFINED FALCO_COMPONENT_NAME)
+    set(FALCO_COMPONENT_NAME "${CMAKE_PROJECT_NAME}")
+endif()
+
 if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
   set(CMAKE_INSTALL_PREFIX
       /usr
@@ -164,7 +169,7 @@ if(NOT MINIMAL_BUILD)
 endif()
 
 # Installation
-install(FILES falco.yaml DESTINATION "${FALCO_ETC_DIR}")
+install(FILES falco.yaml DESTINATION "${FALCO_ETC_DIR}" COMPONENT "${FALCO_COMPONENT_NAME}")
 
 if(NOT MINIMAL_BUILD)
   # Coverage

cmake/modules/CPackConfig.cmake

@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2021 The Falco Authors.
+# Copyright (C) 2022 The Falco Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
 # the License. You may obtain a copy of the License at
@@ -25,6 +25,17 @@ set(CPACK_PROJECT_CONFIG_FILE "${PROJECT_SOURCE_DIR}/cmake/cpack/CMakeCPackOptio
 set(CPACK_STRIP_FILES "ON")
 set(CPACK_PACKAGE_RELOCATABLE "OFF")
 
+# Built packages will include only the following components
+set(CPACK_INSTALL_CMAKE_PROJECTS
+  "${CMAKE_CURRENT_BINARY_DIR};${FALCO_COMPONENT_NAME};${FALCO_COMPONENT_NAME};/"
+  "${CMAKE_CURRENT_BINARY_DIR};${DRIVER_COMPONENT_NAME};${DRIVER_COMPONENT_NAME};/"
+)
+if(NOT MUSL_OPTIMIZED_BUILD) # static builds do not have plugins
+  list(APPEND CPACK_INSTALL_CMAKE_PROJECTS
+    "${CMAKE_CURRENT_BINARY_DIR};${PLUGINS_COMPONENT_NAME};${PLUGINS_COMPONENT_NAME};/"
+  )
+endif()
+
 if(NOT CPACK_GENERATOR)
     set(CPACK_GENERATOR DEB RPM TGZ)
 endif()

cmake/modules/falcosecurity-libs.cmake

@@ -41,6 +41,8 @@ else()
   set(FALCOSECURITY_LIBS_SOURCE_DIR "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}/falcosecurity-libs-prefix/src/falcosecurity-libs")
 endif()
 
+set(LIBS_PACKAGE_NAME "falcosecurity")
+
 add_definitions(-D_GNU_SOURCE)
 add_definitions(-DHAS_CAPTURE)
 if(MUSL_OPTIMIZED_BUILD)
@@ -50,6 +52,7 @@ endif()
 set(DRIVER_VERSION "${FALCOSECURITY_LIBS_VERSION}")
 set(DRIVER_NAME "falco")
 set(DRIVER_PACKAGE_NAME "falco")
+set(DRIVER_COMPONENT_NAME "falco-driver")
 set(SCAP_BPF_PROBE_ENV_VAR_NAME "FALCO_BPF_PROBE")
 set(SCAP_HOST_ROOT_ENV_VAR_NAME "HOST_ROOT")
 

cmake/modules/plugins.cmake

@@ -15,6 +15,10 @@ include(ExternalProject)
 
 string(TOLOWER ${CMAKE_HOST_SYSTEM_NAME} PLUGINS_SYSTEM_NAME)
 
+if(NOT DEFINED PLUGINS_COMPONENT_NAME)
+    set(PLUGINS_COMPONENT_NAME "${CMAKE_PROJECT_NAME}-plugins")
+endif()
+
 # todo(jasondellaluce): switch this to a stable version once this plugin gets
 # released with a 1.0.0 required plugin api version
 ExternalProject_Add(
@@ -25,7 +29,7 @@ ExternalProject_Add(
   BUILD_COMMAND ""
   INSTALL_COMMAND "")
 
-install(FILES "${PROJECT_BINARY_DIR}/cloudtrail-plugin-prefix/src/cloudtrail-plugin/libcloudtrail.so" DESTINATION "${FALCO_PLUGINS_DIR}")
+install(FILES "${PROJECT_BINARY_DIR}/cloudtrail-plugin-prefix/src/cloudtrail-plugin/libcloudtrail.so" DESTINATION "${FALCO_PLUGINS_DIR}" COMPONENT "${PLUGINS_COMPONENT_NAME}")
 
 # todo(jasondellaluce): switch this to a stable version once this plugin gets
 # released with a 1.0.0 required plugin api version
@@ -37,4 +41,4 @@ ExternalProject_Add(
   BUILD_COMMAND ""
   INSTALL_COMMAND "")
 
-install(FILES "${PROJECT_BINARY_DIR}/json-plugin-prefix/src/json-plugin/libjson.so" DESTINATION "${FALCO_PLUGINS_DIR}")
+install(FILES "${PROJECT_BINARY_DIR}/json-plugin-prefix/src/json-plugin/libjson.so" DESTINATION "${FALCO_PLUGINS_DIR}" COMPONENT "${PLUGINS_COMPONENT_NAME}")

rules/CMakeLists.txt

@@ -26,7 +26,8 @@ if(NOT DEFINED FALCO_RULES_DEST_FILENAME)
   set(FALCO_AWS_CLOUDTRAIL_RULES_DEST_FILENAME "aws_cloudtrail_rules.yaml")
 endif()
 
-if(DEFINED FALCO_COMPONENT)
+
+if(DEFINED FALCO_COMPONENT) # Allow a slim version of Falco to be embedded in other projects, intentionally *not* installing all rulesets.
   install(
     FILES falco_rules.yaml
     COMPONENT "${FALCO_COMPONENT}"
@@ -38,32 +39,36 @@ if(DEFINED FALCO_COMPONENT)
     COMPONENT "${FALCO_COMPONENT}"
     DESTINATION "${FALCO_ETC_DIR}"
     RENAME "${FALCO_LOCAL_RULES_DEST_FILENAME}")
-# Intentionally *not* installing application_rules.yaml. Not needed when falco is embedded in other projects.
-else()
+else() # Default Falco installation
   install(
     FILES falco_rules.yaml
     DESTINATION "${FALCO_ETC_DIR}"
-    RENAME "${FALCO_RULES_DEST_FILENAME}")
+    RENAME "${FALCO_RULES_DEST_FILENAME}"
+    COMPONENT "${FALCO_COMPONENT_NAME}")
 
   install(
     FILES falco_rules.local.yaml
     DESTINATION "${FALCO_ETC_DIR}"
-    RENAME "${FALCO_LOCAL_RULES_DEST_FILENAME}")
+    RENAME "${FALCO_LOCAL_RULES_DEST_FILENAME}"
+    COMPONENT "${FALCO_COMPONENT_NAME}")
 
   install(
     FILES k8s_audit_rules.yaml
     DESTINATION "${FALCO_ETC_DIR}"
-    RENAME "${FALCO_K8S_AUDIT_RULES_DEST_FILENAME}")
+    RENAME "${FALCO_K8S_AUDIT_RULES_DEST_FILENAME}"
+    COMPONENT "${FALCO_COMPONENT_NAME}")
 
   install(
     FILES application_rules.yaml
     DESTINATION "${FALCO_ETC_DIR}/rules.available"
-    RENAME "${FALCO_APP_RULES_DEST_FILENAME}")
+    RENAME "${FALCO_APP_RULES_DEST_FILENAME}"
+    COMPONENT "${FALCO_COMPONENT_NAME}")
 
   install(
     FILES aws_cloudtrail_rules.yaml
     DESTINATION "${FALCO_ETC_DIR}"
-    RENAME "${FALCO_AWS_CLOUDTRAIL_RULES_DEST_FILENAME}")
+    RENAME "${FALCO_AWS_CLOUDTRAIL_RULES_DEST_FILENAME}"
+    COMPONENT "${FALCO_COMPONENT_NAME}")
 
-  install(DIRECTORY DESTINATION "${FALCO_ETC_DIR}/rules.d")
+  install(DIRECTORY DESTINATION "${FALCO_ETC_DIR}/rules.d" COMPONENT "${FALCO_COMPONENT_NAME}")
 endif()

scripts/CMakeLists.txt

@@ -33,5 +33,5 @@ configure_file(falco-driver-loader falco-driver-loader @ONLY)
 
 if(CMAKE_SYSTEM_NAME MATCHES "Linux")
 	install(PROGRAMS ${PROJECT_BINARY_DIR}/scripts/falco-driver-loader
-		DESTINATION ${FALCO_BIN_DIR})
+		DESTINATION ${FALCO_BIN_DIR} COMPONENT "${FALCO_COMPONENT_NAME}")
 endif()

userspace/falco/CMakeLists.txt

@@ -177,4 +177,4 @@ if(MUSL_OPTIMIZED_BUILD AND CMAKE_BUILD_TYPE STREQUAL "release")
   )
 endif()
 
-install(TARGETS falco DESTINATION ${FALCO_BIN_DIR})
+install(TARGETS falco RUNTIME DESTINATION ${FALCO_BIN_DIR} COMPONENT "${FALCO_COMPONENT_NAME}")